Researchers at Matousec.com have published an attack tactic that bypasses the security protections of most current antivirus software.
According to Computerworld, Matousec calls the technique an "argument-switch attack." It involves an attacker swapping out benign code for malicious code between the moments when the security software issues a green light and the code actually executes. Matousec says more than 30 antivirus products are vulnerable to the attack, including ones from AVG, McAfee and Norton, eWEEK reports.
Alfred Huger, vice president of engineering at Immunet, is concerned by the attack:
This is definitely very serious. Probably any security product running on Windows XP can be exploited this way.
But McAfee is downplaying the severity:
Based on our initial review of the public documentation, we believe this is a complicated attack with several mitigating factors that make it unlikely to be a viable, real world, widespread attack scenario. The attack would require some level of existing access to the target computer, as the attack described by Matousec does not on its own bypass security software or allow malware to run.